﻿using System;
using System.Collections.Generic;
using System.Linq;
using System.Transactions;
using System.Web;
using System.Web.Mvc;
using System.Web.Security;
using DotNetOpenAuth.AspNet;
using Microsoft.Web.WebPages.OAuth;
using WebMatrix.WebData;
using BlackBox.Filters;
using BlackBox.Models;

namespace BlackBox.Controllers
{
    #region Account View Model
    public class AccountViewModel
    {
        public UserProfiles UserData { get; set; }
		public IEnumerable<UserProfiles> UserListData { get; set; }
        public LocalPasswordModel LoginData { get; set; }
		public Group GroupData { get; set; }
        public List<Group> GroupListData { get; set; }
        public IEnumerable<Game> GameData { get; set; }
        public News NewsData { get; set; }
		public IEnumerable<Invite> InviteListData { get; set; }
    }
    #endregion


    [Authorize]
    [InitializeSimpleMembership]
    public class AccountController : Controller
	{
		#region repositories
		GameRepository repGame = new GameRepository();
        UserRepository repUser = new UserRepository();
        GroupRepository repGroup = new GroupRepository();
        NewsRepository repNews = new NewsRepository();
        //
        // GET: /Account/Login
		#endregion

		#region Generated
		[AllowAnonymous]
        public ActionResult Login(string returnUrl)
        {
            ViewBag.ReturnUrl = returnUrl;
            return View();
        }

        //
        // POST: /Account/Login

        [HttpPost]
        [AllowAnonymous]
        [ValidateAntiForgeryToken]
        public ActionResult Login(LoginModel model, string returnUrl)
        {
            if (ModelState.IsValid && WebSecurity.Login(model.UserName, model.Password, persistCookie: model.RememberMe))
            {
                return RedirectToLocal(returnUrl);
            }

            // If we got this far, something failed, redisplay form
            ModelState.AddModelError("", "The user name or password provided is incorrect.");
            return View(model);
        }

        //
        // POST: /Account/LogOff

        [HttpPost]
        [ValidateAntiForgeryToken]
        public ActionResult LogOff()
        {
            WebSecurity.Logout();

            return RedirectToAction("Main", "Home");
        }

        //
        // GET: /Account/Register

        [AllowAnonymous]
        public ActionResult Register()
        {
            return View();
        }

        //
        // POST: /Account/Register
    
        [HttpPost]
        [AllowAnonymous]
        [ValidateAntiForgeryToken]
        public ActionResult Register(RegisterModel model)
        {
            if (ModelState.IsValid)
            {
                // Attempt to register the user
                try
                {
                    //Added Email
                    WebSecurity.CreateUserAndAccount(model.UserName, model.Password, new { Email = model.Email});
                    //When User registers he registers as User
                    Roles.AddUserToRole(model.UserName, "User"); 
                    WebSecurity.Login(model.UserName, model.Password);
                    return RedirectToAction("Main", "Home");
                }
                catch (MembershipCreateUserException e)
                {
                    ModelState.AddModelError("", ErrorCodeToString(e.StatusCode));
                }
            }

            // If we got this far, something failed, redisplay form
            return View(model);
        }

        //
        // POST: /Account/Disassociate

        [HttpPost]
        [ValidateAntiForgeryToken]
        public ActionResult Disassociate(string provider, string providerUserId)
        {
            string ownerAccount = OAuthWebSecurity.GetUserName(provider, providerUserId);
            ManageMessageId? message = null;

            // Only disassociate the account if the currently logged in user is the owner
            if (ownerAccount == User.Identity.Name)
            {
                // Use a transaction to prevent the user from deleting their last login credential
                using (var scope = new TransactionScope(TransactionScopeOption.Required, new TransactionOptions { IsolationLevel = IsolationLevel.Serializable }))
                {
                    bool hasLocalAccount = OAuthWebSecurity.HasLocalAccount(WebSecurity.GetUserId(User.Identity.Name));
                    if (hasLocalAccount || OAuthWebSecurity.GetAccountsFromUserName(User.Identity.Name).Count > 1)
                    {
                        OAuthWebSecurity.DeleteAccount(provider, providerUserId);
                        scope.Complete();
                        message = ManageMessageId.RemoveLoginSuccess;
                    }
                }
            }

            return RedirectToAction("Manage", new { Message = message });
        }

        //
        // GET: /Account/Manage

        public ActionResult Manage(ManageMessageId? message)
        {
            ViewBag.StatusMessage =
                message == ManageMessageId.ChangePasswordSuccess ? "Your password has been changed."
                : message == ManageMessageId.SetPasswordSuccess ? "Your password has been set."
                : message == ManageMessageId.RemoveLoginSuccess ? "The external login was removed."
                : "";
            ViewBag.HasLocalPassword = OAuthWebSecurity.HasLocalAccount(WebSecurity.GetUserId(User.Identity.Name));
            ViewBag.ReturnUrl = Url.Action("Manage");
            return View();
        }

        //
        // POST: /Account/Manage

        [HttpPost]
        [ValidateAntiForgeryToken]
        public ActionResult Manage(LocalPasswordModel model)
        {
            bool hasLocalAccount = OAuthWebSecurity.HasLocalAccount(WebSecurity.GetUserId(User.Identity.Name));
            ViewBag.HasLocalPassword = hasLocalAccount;
            ViewBag.ReturnUrl = Url.Action("Manage");
            if (hasLocalAccount)
            {
                if (ModelState.IsValid)
                {
                    // ChangePassword will throw an exception rather than return false in certain failure scenarios.
                    bool changePasswordSucceeded;
                    try
                    {
                        changePasswordSucceeded = WebSecurity.ChangePassword(User.Identity.Name, model.OldPassword, model.NewPassword);
                    }
                    catch (Exception)
                    {
                        changePasswordSucceeded = false;
                    }

                    if (changePasswordSucceeded)
                    {
                        return RedirectToAction("Manage", new { Message = ManageMessageId.ChangePasswordSuccess });
                    }
                    else
                    {
                        ModelState.AddModelError("", "The current password is incorrect or the new password is invalid.");
                    }
                }
            }
            else
            {
                // User does not have a local password so remove any validation errors caused by a missing
                // OldPassword field
                ModelState state = ModelState["OldPassword"];
                if (state != null)
                {
                    state.Errors.Clear();
                }

                if (ModelState.IsValid)
                {
                    try
                    {
                        WebSecurity.CreateAccount(User.Identity.Name, model.NewPassword);
                        return RedirectToAction("Manage", new { Message = ManageMessageId.SetPasswordSuccess });
                    }
                    catch (Exception e)
                    {
                        ModelState.AddModelError("", e);
                    }
                }
            }

            // If we got this far, something failed, redisplay form
            return View(model);
        }

        //
        // POST: /Account/ExternalLogin

        [HttpPost]
        [AllowAnonymous]
        [ValidateAntiForgeryToken]
        public ActionResult ExternalLogin(string provider, string returnUrl)
        {
            return new ExternalLoginResult(provider, Url.Action("ExternalLoginCallback", new { ReturnUrl = returnUrl }));
        }

        //
        // GET: /Account/ExternalLoginCallback

        [AllowAnonymous]
        public ActionResult ExternalLoginCallback(string returnUrl)
        {
            AuthenticationResult result = OAuthWebSecurity.VerifyAuthentication(Url.Action("ExternalLoginCallback", new { ReturnUrl = returnUrl }));
            if (!result.IsSuccessful)
            {
                return RedirectToAction("ExternalLoginFailure");
            }

            if (OAuthWebSecurity.Login(result.Provider, result.ProviderUserId, createPersistentCookie: false))
            {
                return RedirectToLocal(returnUrl);
            }

            if (User.Identity.IsAuthenticated)
            {
                // If the current user is logged in add the new account
                OAuthWebSecurity.CreateOrUpdateAccount(result.Provider, result.ProviderUserId, User.Identity.Name);
                return RedirectToLocal(returnUrl);
            }
            else
            {
                // User is new, ask for their desired membership name
                string loginData = OAuthWebSecurity.SerializeProviderUserId(result.Provider, result.ProviderUserId);
                ViewBag.ProviderDisplayName = OAuthWebSecurity.GetOAuthClientData(result.Provider).DisplayName;
                ViewBag.ReturnUrl = returnUrl;
                return View("ExternalLoginConfirmation", new RegisterExternalLoginModel { UserName = result.UserName, ExternalLoginData = loginData });
            }
        }

        //
        // POST: /Account/ExternalLoginConfirmation

        [HttpPost]
        [AllowAnonymous]
        [ValidateAntiForgeryToken]
        public ActionResult ExternalLoginConfirmation(RegisterExternalLoginModel model, string returnUrl)
        {
            string provider = null;
            string providerUserId = null;

            if (User.Identity.IsAuthenticated || !OAuthWebSecurity.TryDeserializeProviderUserId(model.ExternalLoginData, out provider, out providerUserId))
            {
                return RedirectToAction("Manage");
            }

            if (ModelState.IsValid)
            {
                // Insert a new user into the database
                using (UsersContext db = new UsersContext())
                {
                    UserProfile user = db.UserProfiles.FirstOrDefault(u => u.UserName.ToLower() == model.UserName.ToLower());
                    // Check if user already exists
                    if (user == null)
                    {
                        // Insert name into the profile table
                        db.UserProfiles.Add(new UserProfile { 
                            UserName = model.UserName
                        });
                        db.SaveChanges();

                        OAuthWebSecurity.CreateOrUpdateAccount(provider, providerUserId, model.UserName);
                        OAuthWebSecurity.Login(provider, providerUserId, createPersistentCookie: false);

                        return RedirectToLocal(returnUrl);
                    }
                    else
                    {
                        ModelState.AddModelError("UserName", "User name already exists. Please enter a different user name.");
                    }
                }
            }

            ViewBag.ProviderDisplayName = OAuthWebSecurity.GetOAuthClientData(provider).DisplayName;
            ViewBag.ReturnUrl = returnUrl;
            return View(model);
        }

        //
        // GET: /Account/ExternalLoginFailure

        [AllowAnonymous]
        public ActionResult ExternalLoginFailure()
        {
            return View();
        }

        [AllowAnonymous]
        [ChildActionOnly]
        public ActionResult ExternalLoginsList(string returnUrl)
        {
            ViewBag.ReturnUrl = returnUrl;
            return PartialView("_ExternalLoginsListPartial", OAuthWebSecurity.RegisteredClientData);
        }

        [ChildActionOnly]
        public ActionResult RemoveExternalLogins()
        {
            ICollection<OAuthAccount> accounts = OAuthWebSecurity.GetAccountsFromUserName(User.Identity.Name);
            List<ExternalLogin> externalLogins = new List<ExternalLogin>();
            foreach (OAuthAccount account in accounts)
            {
                AuthenticationClientData clientData = OAuthWebSecurity.GetOAuthClientData(account.Provider);

                externalLogins.Add(new ExternalLogin
                {
                    Provider = account.Provider,
                    ProviderDisplayName = clientData.DisplayName,
                    ProviderUserId = account.ProviderUserId,
                });
            }

            ViewBag.ShowRemoveButton = externalLogins.Count > 1 || OAuthWebSecurity.HasLocalAccount(WebSecurity.GetUserId(User.Identity.Name));
            return PartialView("_RemoveExternalLoginsPartial", externalLogins);
        }
		#endregion

		#region Ours

		#region Profile Actions
		public ActionResult Profile(string name)
		{
			AccountViewModel model = new AccountViewModel();
			var user = repUser.GetByName(name);

            //Getting necessary model
			model.InviteListData = repUser.GetInvitesByUser(user.UserId);
			model.UserData = repUser.GetByID(user.UserId);
			model.GroupListData = repGroup.GetGroupsByUser(user.UserId);

			return View(model);
		}

		public ActionResult EditProfile(string name)
		{
			var model = repUser.GetByName(name);

			return View(model);
		}

        [HttpPost]
        public ActionResult EditProfile(UserProfiles updatedUser)
        {
            repUser.UpdateUser(updatedUser);
            //Redirect the user to his profile
            return RedirectToAction("Profile", "Account", new { name = updatedUser.UserName });
        }

		#endregion

		#region Admin Actions
        [Authorize]
        public ActionResult AdminTools()
        {
            AccountViewModel model = new AccountViewModel();

            model.GameData = repGame.GetAllGames();
            model.UserListData = repUser.GetAllUsers();

            return View(model);
        }

        [HttpPost]
        public ActionResult AdminRemoveGame(Game ListOfGameIds)
        {
            repGame.RemoveGame(ListOfGameIds);

            //Sending the user back to AdminTools
            return RedirectToAction("AdminTools");
        }

        [HttpPost]
        public ActionResult AdminBan(UserProfiles ListOfIds)
        {
            try
            {
                repUser.RemoveUser(ListOfIds);
            }
            catch
            {
                View("Error");
            }
            //Sending the user back to AdminTools
            return RedirectToAction("AdminTools");
        }

		#endregion

		#region Group Actions
		public ActionResult AllGroups()
		{
			var model = repGroup.GetAllGroups();

			return View(model);
		}

		public ActionResult CreateGroup()
		{
			return View();
		}

		[HttpPost]
		public ActionResult CreateGroup(Group newGroup)
		{
			repGroup.AddGroup(newGroup);
			var model = repUser.GetByName(User.Identity.Name);
			repGroup.AddGroupMember(model.UserId, newGroup.id);

			return RedirectToAction("Group/" + newGroup.id);
		}

		public ActionResult Group(int id)
		{
			AccountViewModel model = new AccountViewModel();

			model.GroupData = repGroup.GetGroupById(id);
			model.UserListData = repUser.GetUsersByGroup(id);
			model.UserData = repUser.GetByID(id);

			return View(model);
		}

		public ActionResult JoinGroup(int id)
		{
			var model = repUser.GetByName(User.Identity.Name);
			repGroup.AddGroupMember(model.UserId, id);

			return RedirectToAction("Group/" + id);
		}

		public ActionResult LeaveGroup(int id)
		{
			var model = repUser.GetByName(User.Identity.Name);
			repGroup.RemoveGroupMember(model.UserId, id);

			return RedirectToAction("Group/" + id);
		}

		#endregion

		#region Invite
        //Sending a Invite to a User (Group)
		public JsonResult InviteToGroup(int GroupID, string UserName)
		{
            //Creating the invite
			Invite myInvite = new Invite()
			{
				UserID = repUser.GetByName(UserName).UserId,
				GroupID = GroupID,
				GameID = 0
			};

            //Adding to the user
			if (myInvite != null)
			{
				repUser.AddInvite(myInvite);
			}
			return Json(null);
		}

        //Sending a Invite to a User (Game)
		public JsonResult InviteToGame(int GameID, string UserName)
		{
			Invite myInvite = new Invite()
			{
				UserID = repUser.GetByName(UserName).UserId,
				GroupID = 0,
				GameID = GameID
			};

			if (myInvite != null)
			{
				repUser.AddInvite(myInvite);
			}
			return Json(null);
		}

        //Accepting the invie (Group)
		public ActionResult AcceptGroupInvite(int? groupID)
		{
            //If the id as value
			if (groupID.HasValue)
			{
				int group = groupID.Value;
                //Creating the invite
				Invite accept = new Invite
				{
					UserID = repUser.GetByName(User.Identity.Name).UserId,
					GroupID = group,
					GameID = 0
				};
                //Sending it
				repUser.InviteAccepted(accept);

                //Redirecting User to the group
				return RedirectToAction("/Group/" + groupID);
			}
			return Redirect("/Home/Main");
		}

		public ActionResult AcceptGameInvite(int? gameID)
		{
			if (gameID.HasValue)
			{
				int game = gameID.Value;
				Invite accept = new Invite
				{
					UserID = repUser.GetByName(User.Identity.Name).UserId,
					GroupID = 0,
					GameID = game
				};
				repUser.InviteAccepted(accept);
				return RedirectToAction("Play/" + game, "Game");
			}
			return Redirect("/Home/Main");
		}
		#endregion

		#endregion

		#region Helpers

		private ActionResult RedirectToLocal(string returnUrl)
        {
            if (Url.IsLocalUrl(returnUrl))
            {
                return Redirect(returnUrl);
            }
            else
            {
                return RedirectToAction("Main", "Home");
            }
        }

        public enum ManageMessageId
        {
            ChangePasswordSuccess,
            SetPasswordSuccess,
            RemoveLoginSuccess,
        }


        internal class ExternalLoginResult : ActionResult
        {
            public ExternalLoginResult(string provider, string returnUrl)
            {
                Provider = provider;
                ReturnUrl = returnUrl;
            }

            public string Provider { get; private set; }
            public string ReturnUrl { get; private set; }

            public override void ExecuteResult(ControllerContext context)
            {
                OAuthWebSecurity.RequestAuthentication(Provider, ReturnUrl);
            }
        
        }

        private static string ErrorCodeToString(MembershipCreateStatus createStatus)
        {
            // See http://go.microsoft.com/fwlink/?LinkID=177550 for
            // a full list of status codes.
            switch (createStatus)
            {
                case MembershipCreateStatus.DuplicateUserName:
                    return "User name already exists. Please enter a different user name.";

                case MembershipCreateStatus.DuplicateEmail:
                    return "A user name for that e-mail address already exists. Please enter a different e-mail address.";

                case MembershipCreateStatus.InvalidPassword:
                    return "The password provided is invalid. Please enter a valid password value.";

                case MembershipCreateStatus.InvalidEmail:
                    return "The e-mail address provided is invalid. Please check the value and try again.";

                case MembershipCreateStatus.InvalidAnswer:
                    return "The password retrieval answer provided is invalid. Please check the value and try again.";

                case MembershipCreateStatus.InvalidQuestion:
                    return "The password retrieval question provided is invalid. Please check the value and try again.";

                case MembershipCreateStatus.InvalidUserName:
                    return "The user name provided is invalid. Please check the value and try again.";

                case MembershipCreateStatus.ProviderError:
                    return "The authentication provider returned an error. Please verify your entry and try again. If the problem persists, please contact your system administrator.";

                case MembershipCreateStatus.UserRejected:
                    return "The user creation request has been canceled. Please verify your entry and try again. If the problem persists, please contact your system administrator.";

                default:
                    return "An unknown error occurred. Please verify your entry and try again. If the problem persists, please contact your system administrator.";
            }
        }
        #endregion
    }
}
